package com.llgz.hotelmanageapi.shiro;

import com.auth0.jwt.exceptions.JWTVerificationException;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;

import com.llgz.hotelmanageapi.pojo.DO.SysAuthority;
import com.llgz.hotelmanageapi.pojo.DO.UserInfo;
import com.llgz.hotelmanageapi.service.impl.SysAuthorityServiceImpl;
import com.llgz.hotelmanageapi.service.impl.UserInfoServiceImpl;
import com.llgz.hotelmanageapi.utils.JWTUtil;
import com.llgz.hotelmanageapi.utils.RedisUtils;
import lombok.SneakyThrows;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.io.UnsupportedEncodingException;
import java.util.HashSet;
import java.util.Set;

/**
 * @author Bernie_fang
 * @Description:
 * @create 2021/7/23 10:03
 **/
public class UserRealm extends AuthorizingRealm {

    @Autowired
    private RedisUtils redisUtils;

    @Autowired
    private UserInfoServiceImpl userInfoService;

    @Autowired
    private SysAuthorityServiceImpl authorityService;

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JWTToken;
    }


    /**
     * 权限认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
        //获取token
        String token = (String) authenticationToken.getCredentials();
        // 解密，获取userId
        String id = JWTUtil.getUserId(token);//获取id
        UserInfo userInfo = (UserInfo) redisUtils.get("Login:" + id);
        if (userInfo == null) {
            //redis获取不到再查询
            userInfo = userInfoService.getById(id);
        }
        try {
            //通过认证后返回
            if (userInfo != null && JWTUtil.verify(token)) {
                return new SimpleAuthenticationInfo(token, token, this.getName());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * @Description: 授权
     * @Author: Bernie_fang
     * @Since: 2021/7/23 15:36
     * @param principalCollection:
     * @return: org.apache.shiro.authz.AuthorizationInfo
     **/
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //拿到安全信息
        String id = JWTUtil.getUserId(principalCollection.toString());//获取id
        UserInfo userInfo = (UserInfo) redisUtils.get("Login:" + id);
        if (userInfo == null) { //redis获取不到再查询
            userInfo = userInfoService.getById(id);
        }
        SysAuthority authority = authorityService.getById(userInfo.getUserRole());
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        Set<String> role = new HashSet<>();
        role.add(authority.getAuthority());
        authorizationInfo.setRoles(role);
        return authorizationInfo;
    }

}
